US20030154259A1 - Method of providing a virtual private network service through a shared network, and provider edge device for such network - Google Patents
Method of providing a virtual private network service through a shared network, and provider edge device for such network Download PDFInfo
- Publication number
- US20030154259A1 US20030154259A1 US10/185,113 US18511302A US2003154259A1 US 20030154259 A1 US20030154259 A1 US 20030154259A1 US 18511302 A US18511302 A US 18511302A US 2003154259 A1 US2003154259 A1 US 2003154259A1
- Authority
- US
- United States
- Prior art keywords
- identifier
- vpn
- vlan
- devices
- virtual connection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/42—Loop networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
Definitions
- the present invention relates to the provision of virtual private network (VPN) services through carrier networks such as Metropolitan Area Networks (MANs) or Wide Area Networks (WANs).
- VPN virtual private network
- carrier networks such as Metropolitan Area Networks (MANs) or Wide Area Networks (WANs).
- MANs Metropolitan Area Networks
- WANs Wide Area Networks
- a VPN emulates a private network over public or shared infrastructures.
- the shared infrastructure is an IP network such as the Internet
- the VPN can be based on an IP tunneling mechanism, as described in Request For Comments (RFC) 2764 published in February 2000 by the Internet Engineering Task Force (IETF).
- RRC Request For Comments
- IETF Internet Engineering Task Force
- LSPs Label Switched Paths
- the virtual connections can be pre-established by a configuration process, called “provisioning”, performed by the network operator: they are then called Permanent Virtual Circuits (PVC).
- provisioning performed by the network operator: they are then called Permanent Virtual Circuits (PVC).
- PVC Permanent Virtual Circuits
- SVC Switched Virtual Circuits
- Providing a SVC service puts constraints on both the Provider Edge (PE) and the Customer Edge (CE) devices. Both must support a common signaling set-up protocol such as, e.g., the ATM Q.2931 signaling protocol for ATM switched networks. Signaling protocols are complex, they induce additional costs (equipment costs, operational costs . . . ) and they may cause interoperability problems. Inadequate operation of one CE may block a PE and hence interrupt the service for several other customers. Most of the time, higher-level protocols and applications have not been designed to properly drive such SVC signaling, and it is necessary to develop sub-optimal emulation modes (for instance LAN emulation, classical IP , . . . ). These issues can explain why SVC services have been so seldom deployed for FR and ATM networks.
- PE Provider Edge
- CE Customer Edge
- providing a PVC service requires an agreement between the provider and the customer regarding the endpoints of each virtual connection. Then it requires provisioning of each virtual connection by the provider. Often, it also requires additional provisioning by the customer in the CE device, unless some special signaling allows CE devices to automatically discover the virtual connections. In any case, these provisioning actions must be performed coherently between the provider and his customers, and they are a potential source of problems.
- Ethernet networks may support one or more Virtual Local Area Networks (VLANs).
- VLANs Virtual Local Area Networks
- An Ethernet frame circulating in such a network may include, after the Medium Access Control (MAC) address, an additional field called tag header or Q-tag which contains a VLAN identifier (VID).
- MAC Medium Access Control
- Q-tag which contains a VLAN identifier
- a VLAN-aware Ethernet bridge has the ability to perform frame switching based on the VID, deduced either from the physical port from which the incoming frame is received or from the contents of its tag header.
- a VLAN is used for the layer 2 broadcasting and forwarding of frames within a sub-group of users (subscribers of that VLAN). For example, in a corporation, it is possible to define respective virtual LANs for various departments to enable selective broadcasting and forwarding of information in the layer 2 procedures.
- VLAN Concept of VLAN can be extended in the case where Ethernet traffic is transported over a MPLS network (see, e.g., Martini et al., “Transport of Layer 2 Frames Over MPLS”, Internet Draft, draft-martini-I2circuit-trans-mpls-08.txt, published in July 2001 by the IETF).
- a specific MPLS virtual connection, or LSP, originating at a PE can be associated with each VLAN to forward the frames intended for subscribers of that VLAN.
- the CE sends tagged frames to the PE and the latter switches them to the relevant virtual connections based on the ingress physical port and the VID.
- Ethernet media were designed from the beginning as a LAN technology, they do not provide the signaling mechanisms required for WAN SVC networks. So establishing Ethernet PVC across a WAN network requires provisioning in both PE and CE devices.
- An object of the present invention is to alleviate these provisioning issues.
- Another object is to provide simplified signaling and set-up procedures for virtual connections between VLANs.
- the invention proposes a method of providing a VPN service through a shared network infrastructure comprising a plurality of interconnected PE devices having CE interfaces. Some of the CE interfaces are allocated to a VPN supporting a plurality of VLANs and are arranged for exchanging traffic data units with respective CE devices, each traffic data unit including a VLAN identifier.
- the method comprises the step of:
- VC virtual connection
- said VC has an identifier determined from said VLAN identifier and an identifier of said VPN.
- a VC identifier is indeed directly derived from a known VPN identifier and a VLAN identifier known or discovered by a PE device. It thus simplifies the configuration of the PE devices by limiting the number of parameters values to be entered in their configuration table.
- Such method does not cause identification ambiguity because the VPN service must precisely virtually connect two or more CE devices of a same VLAN within a VPN. So, the use, on the shared network infrastructure, of a virtual connection identifier that is based on VPN and VLAN identifiers is well adapted.
- the VC identifier can be a code that directly contains concatenated VPN and VLAN identifiers.
- the VCs are labeled switched paths (LSPs) of a MPLS architecture supported by the shared network infrastructure.
- LSPs labeled switched paths
- other types of carrier networks can be used to provide a L2 VPN service in accordance with the invention, on the condition they comprise an addressing field for containing a VC identifier.
- the PE devices are LERs (Label Edge Routers) and a virtual connection between two CE interfaces of two respective PE devices can be set-up with an appropriate protocol, like LDP (Label Distribution Protocol).
- LDP Label Distribution Protocol
- Another aspect of the invention relates to a method of establishing a VC between PE devices, for transporting traffic data units pertaining to a VLAN supported by a VPN, wherein said VPN comprises CE devices each connected to a respective PE device, wherein the VC has an identifier determined from an identifier of said VLAN and an identifier of said VPN.
- Another aspect of the invention relates to a PE device comprising:
- [0026] means for interconnecting to a shared network infrastructure
- [0028] means for establishing at least one VC between a first CE interface of said PE device and a second CE interface of another PE device interconnected to the shared network infrastructure, for forwarding traffic data units including a respective VLAN identifier, wherein the VC has an identifier determined from said VLAN identifier and an identifier of said VPN.
- FIGS. 1 - 3 are diagrams of a simplified example of virtual private network delivering a point to point service.
- FIGS. 4 - 6 are diagrams of a simplified example of virtual private network delivering a ‘any to any’ service.
- FIG. 7 is an example of format for the VC identifier.
- the invention is illustrated here in its currently preferred application to a VPN service of the Ethernet type using a MPLS-based carrier infrastructure. It will be appreciated that it can also be applied to other types of customer and/or provider networks.
- the carrier network 10 shown in FIGS. 1 - 6 is for instance an IP network having routers supporting the MPLS architecture. Some of these routers 11 are label edge routers (LERS) adapted to form PE devices for the provision of the L2 VPN service. They are denoted PE- 1 to PE- 3 in the diagram of FIGS. 1 - 6 . Other routers (not shown) of the carrier network 10 are label-switched routers (LSRs) which link the LERs by a full mesh of logical links (transport tunnels).
- LERS label edge routers
- LSRs label-switched routers
- Each PE device 11 is initially configured by the provider with the list of the IP addresses of all the remote PE devices.
- FIGS. 1 - 6 also show customer edge devices 12 that are each connected to a respective CE port of a PE device 11 .
- These CE devices 12 are denoted CE-A to CE-E, with CE-A and CE-B connected to PE- 1 , CE-C connected to PE- 2 , and CE-D and CE-E connected to PE- 3 .
- each PE device the service provider configures the VPN-id of each CE interface, or port, offering a L2 VPN service. Each local port number is thus allocated to one VPN-id.
- VPN x includes CE devices CE-A, CE-C and CE-D.
- VPN y includes CE devices CE-B and CE-E.
- the distribution of the VLANs can be configured by the carrier network operator in the PE devices. Alternatively, it can be learnt automatically at the PE devices based on the VIDs included in the tagged frames received from the CE devices, as disclosed in our co-pending patent application, filed on Jan. 22, 2002 under priority of the European application EP 01403179.3, entitled “Methods of establishing virtual circuits and of providing a virtual private network service through a shared network, and provider edge device for such network”, the contents of which is incorporated herein by reference. In both cases, the VIDs have finally to be stored in a configuration table of the corresponding PE devices.
- FIG. 2 shows an exemplary distribution of VLAN identifiers in the relation to configuration of FIG. 1.
- a PE device say PE- 1
- PE- 1 must be able to forward incoming traffic from a CE device connected to one of its CE interfaces, say CE-A, over the carrier network 10 , to a second CE interface of another PE device, say PE- 3 , having the same VID and the same VPN-id as said first CE interface of PE- 1 .
- a virtual connection must be established between CE-A and CE-D, through PE- 1 and PE- 3 and over the carrier network 10 .
- This can be done through any signaling protocol suitable to set up LSPs, such as LDP (Label Distribution Protocol, see RFC 3036 published in January 2001 by the IETF), RSVP (Resource reSerVation Protocol, see RFC 2205 published in September 1997 by the IETF), etc.
- LDP is a preferred protocol, and will be more particularly considered in the following.
- RFC 3036 describes the LSPs set up procedure. For instance, it can be performed by a PE device with an extended discovery mechanism as described in section 2.4.2. This mechanism consists for a device in sending UDP (User Datagram Protocol) packets periodically to a specific address, which is typically the address of another device. The latter can choose to respond in the same way. An LDP session is then established between the devices.
- UDP User Datagram Protocol
- txt which is incorporated herein by reference, defines a specific element to perform the connection of the PE devices in the context of the transport of L2 VPN frames over MPLS. This element is included in exchanged packets between both PE devices.
- VC-labels can be allocated for the two ways as described in the RFC 3036 and they are stored by each PE device, in relation to a CE interface and a VLAN allocated to this CE interface.
- the virtual connection will be used to transport Ethernet frames between CE devices connected to the corresponding PE devices. And the respectively originating and terminating PE devices will respectively push and pop the VC-labels they have stored during the LDP session.
- the VC identifiers are provided to each PE device, for example during a manual configuration stage, in such a way that two PE devices, that have at least a CE interface allocated to a same VPN and likely to carry traffic of a same VLAN, must share a common VC identifier.
- CE-A and CE-D have a common pair (VPN-id, VID), so PE- 1 and PE- 3 , they are connected to through CE interfaces, must be provided with a common VC identifier for the virtual connection between CE-A and CE-D.
- a PE device must thus be aware of many parameters during or after a configuration stage, that can be long and likely to contain errors, especially if it consists in filling a configuration table manually. Indeed, in this case, a provider must configure for each PE device and for each of its CE interfaces, the following entries:
- the invention maps the VC-id parameter with other configured parameters in order to reduce and simplify the provisioning.
- the associated parameter VC-id can be determined from the corresponding pair (VPN-id, VID).
- the VC-id can be defined for example as a concatenation of the corresponding (VPN-id, VID).
- FIG. 3 shows the VC-ids provided in the network of FIGS. 1 - 2 .
- the provider does not fill in the VC-id fields in a PE device configuration table. It does not need to ensure a mapping between two customers, with the same (VPN-id, VID), connected to two different PE devices.
- the VC-id is indeed automatically obtained by concatenating the fields (VPN-id, VID), previously provided.
- VID VID
- FIGS. 4 - 6 show another example for a network delivering a ‘any to any’ service.
- more than two CE devices of a common VPN are allowed to transfer traffic pertaining to the same VLAN.
- a format of VC-id is shown on FIG. 7 by way of example.
- the VC-id is coded on 32 bits, among which the 20 most significant bits represent the VPN-id and the 12 least significant bits the VID.
- This format gives the opportunity to provide service for 1,048,576 VPNs.
- a VPN can provide 4,096 VLANs which is quite comfortable, even for large service providers.
- a virtual private network (VPN) service is provided through a shared network infrastructure comprising a plurality of interconnected provider edge (PE) devices having customer edge (CE) interfaces. Some of the CE interfaces are allocated to a VPN supporting a plurality of virtual local area networks (VLANs) and are arranged for exchanging traffic data units with CE devices. Each traffic data unit includes a VLAN identifier. At least one virtual connection is established in the shared network infrastructure between two CE interfaces of different PE devices, allocated to said VPN, for forwarding traffic data units including a VLAN identifier. Said virtual connection (VC) has an identifier determined from said VLAN identifier and an identifier of said VPN.
- PE provider edge
- CE customer edge
Abstract
Description
- The present invention relates to the provision of virtual private network (VPN) services through carrier networks such as Metropolitan Area Networks (MANs) or Wide Area Networks (WANs).
- A VPN emulates a private network over public or shared infrastructures. When the shared infrastructure is an IP network such as the Internet, the VPN can be based on an IP tunneling mechanism, as described in Request For Comments (RFC) 2764 published in February 2000 by the Internet Engineering Task Force (IETF). Another approach, more particularly concerned by the present invention, provides link layer connectivity for the devices affiliated to the VPN.
- Traditional
WAN data layer 2 services provided by carriers are based on the virtual circuit or virtual connection concept. Data units are switched within the carrier network along pre-established trails referred to as virtual connections. These data units are for instance packets in X.25 networks, frames in Frame Relay (FR) networks, cells in Asynchronous Transfer Mode (ATM) networks, . . . The carrier network may also have a Multi-Protocol Label Switching (MPLS) architecture built over an infrastructure supporting a connectionless network layer protocol such as IP. MPLS is described in RFC 3031 published in January 2001 by the IETF. The virtual connections within a MPLS network are referred to as Label Switched Paths (LSPs). - The virtual connections can be pre-established by a configuration process, called “provisioning”, performed by the network operator: they are then called Permanent Virtual Circuits (PVC). Alternatively, they can be established dynamically on request from the customer equipment: they are then called Switched Virtual Circuits (SVC).
- Providing a SVC service puts constraints on both the Provider Edge (PE) and the Customer Edge (CE) devices. Both must support a common signaling set-up protocol such as, e.g., the ATM Q.2931 signaling protocol for ATM switched networks. Signaling protocols are complex, they induce additional costs (equipment costs, operational costs . . . ) and they may cause interoperability problems. Inadequate operation of one CE may block a PE and hence interrupt the service for several other customers. Most of the time, higher-level protocols and applications have not been designed to properly drive such SVC signaling, and it is necessary to develop sub-optimal emulation modes (for instance LAN emulation, classical IP , . . . ). These issues can explain why SVC services have been so seldom deployed for FR and ATM networks.
- On the other hand, providing a PVC service requires an agreement between the provider and the customer regarding the endpoints of each virtual connection. Then it requires provisioning of each virtual connection by the provider. Often, it also requires additional provisioning by the customer in the CE device, unless some special signaling allows CE devices to automatically discover the virtual connections. In any case, these provisioning actions must be performed coherently between the provider and his customers, and they are a potential source of problems.
- Recently, several vendors have been promoting Ethernet as a universal access media for LAN, MAN and WAN services. Several drafts presented at the IETF cover the way to signal and provision
layer 2 virtual private network (L2 VPN) services based on an IP/MPLS infrastructure (see, e.g., Kompella et al., “MPLS-basedLayer 2 VPNs”, Internet Draft, draft-kompella-ppvpn-I2vpn-00.txt, published in June 2001 by the IETF). - As specified in the IEEE standard 802.1Q approved in December 1998, Ethernet networks may support one or more Virtual Local Area Networks (VLANs). An Ethernet frame circulating in such a network may include, after the Medium Access Control (MAC) address, an additional field called tag header or Q-tag which contains a VLAN identifier (VID). Accordingly, a VLAN-aware Ethernet bridge has the ability to perform frame switching based on the VID, deduced either from the physical port from which the incoming frame is received or from the contents of its tag header. A VLAN is used for the
layer 2 broadcasting and forwarding of frames within a sub-group of users (subscribers of that VLAN). For example, in a corporation, it is possible to define respective virtual LANs for various departments to enable selective broadcasting and forwarding of information in thelayer 2 procedures. - It has been suggested that the concept of VLAN can be extended in the case where Ethernet traffic is transported over a MPLS network (see, e.g., Martini et al., “Transport of
Layer 2 Frames Over MPLS”, Internet Draft, draft-martini-I2circuit-trans-mpls-08.txt, published in July 2001 by the IETF). - In such a case, a specific MPLS virtual connection, or LSP, originating at a PE can be associated with each VLAN to forward the frames intended for subscribers of that VLAN. The CE sends tagged frames to the PE and the latter switches them to the relevant virtual connections based on the ingress physical port and the VID.
- Because Ethernet media were designed from the beginning as a LAN technology, they do not provide the signaling mechanisms required for WAN SVC networks. So establishing Ethernet PVC across a WAN network requires provisioning in both PE and CE devices.
- Many parameters must be provisioned and stored especially in the PE device to allow a L2 VPN service.
- An object of the present invention is to alleviate these provisioning issues.
- Another object is to provide simplified signaling and set-up procedures for virtual connections between VLANs.
- The invention proposes a method of providing a VPN service through a shared network infrastructure comprising a plurality of interconnected PE devices having CE interfaces. Some of the CE interfaces are allocated to a VPN supporting a plurality of VLANs and are arranged for exchanging traffic data units with respective CE devices, each traffic data unit including a VLAN identifier. The method comprises the step of:
- establishing at least one virtual connection (VC) in the shared network infrastructure between two CE interfaces allocated to said VPN, for forwarding traffic data units including a respective VLAN identifier.
- According to the invention, said VC has an identifier determined from said VLAN identifier and an identifier of said VPN.
- In this way, it is not necessary to provide each PE device manually with VC identifiers for each CE interface. By the invention, a VC identifier is indeed directly derived from a known VPN identifier and a VLAN identifier known or discovered by a PE device. It thus simplifies the configuration of the PE devices by limiting the number of parameters values to be entered in their configuration table.
- Such method does not cause identification ambiguity because the VPN service must precisely virtually connect two or more CE devices of a same VLAN within a VPN. So, the use, on the shared network infrastructure, of a virtual connection identifier that is based on VPN and VLAN identifiers is well adapted.
- It even avoids interconnections of CE devices that would belong to different VLANs, whereas this can occur when provisioning the VC identifiers independently of the VLANs.
- Advantageously, the VC identifier can be a code that directly contains concatenated VPN and VLAN identifiers.
- In a preferred embodiment of the invention, the VCs are labeled switched paths (LSPs) of a MPLS architecture supported by the shared network infrastructure. However, other types of carrier networks can be used to provide a L2 VPN service in accordance with the invention, on the condition they comprise an addressing field for containing a VC identifier.
- In case of a MPLS architecture, the PE devices are LERs (Label Edge Routers) and a virtual connection between two CE interfaces of two respective PE devices can be set-up with an appropriate protocol, like LDP (Label Distribution Protocol).
- Another aspect of the invention relates to a method of establishing a VC between PE devices, for transporting traffic data units pertaining to a VLAN supported by a VPN, wherein said VPN comprises CE devices each connected to a respective PE device, wherein the VC has an identifier determined from an identifier of said VLAN and an identifier of said VPN.
- Another aspect of the invention relates to a PE device comprising:
- means for interconnecting to a shared network infrastructure;
- at least one CE interface allocated to a VPN supporting a plurality of VLANs, arranged for exchanging traffic data units with a respective CE device, each traffic data unit including a VLAN identifier; and
- means for establishing at least one VC between a first CE interface of said PE device and a second CE interface of another PE device interconnected to the shared network infrastructure, for forwarding traffic data units including a respective VLAN identifier, wherein the VC has an identifier determined from said VLAN identifier and an identifier of said VPN.
- The preferred features of the above aspects which are indicated by the dependent claims may be combined as appropriate, and may be combined with any of the above aspects of the invention, as would be apparent to a person skilled in the art.
- FIGS.1-3 are diagrams of a simplified example of virtual private network delivering a point to point service.
- FIGS.4-6 are diagrams of a simplified example of virtual private network delivering a ‘any to any’ service.
- FIG. 7 is an example of format for the VC identifier.
- The invention is illustrated here in its currently preferred application to a VPN service of the Ethernet type using a MPLS-based carrier infrastructure. It will be appreciated that it can also be applied to other types of customer and/or provider networks.
- The
carrier network 10 shown in FIGS. 1-6 is for instance an IP network having routers supporting the MPLS architecture. Some of theserouters 11 are label edge routers (LERS) adapted to form PE devices for the provision of the L2 VPN service. They are denoted PE-1 to PE-3 in the diagram of FIGS. 1-6. Other routers (not shown) of thecarrier network 10 are label-switched routers (LSRs) which link the LERs by a full mesh of logical links (transport tunnels). - Each
PE device 11 is initially configured by the provider with the list of the IP addresses of all the remote PE devices. - FIGS.1-6 also show
customer edge devices 12 that are each connected to a respective CE port of aPE device 11. TheseCE devices 12 are denoted CE-A to CE-E, with CE-A and CE-B connected to PE-1, CE-C connected to PE-2, and CE-D and CE-E connected to PE-3. We assume here that the CE devices are supporting VLANs and are using tagged traffic compliant with the IEEE 802.1Q standard. Untagged traffic is assigned to the default VLAN identifier (VID)=0. - In each PE device, the service provider configures the VPN-id of each CE interface, or port, offering a L2 VPN service. Each local port number is thus allocated to one VPN-id.
- FIG. 1 shows an example with two customer VPNs, having VPN-id=x and VPN-id=y. VPN x includes CE devices CE-A, CE-C and CE-D. VPN y includes CE devices CE-B and CE-E.
- The distribution of the VLANs can be configured by the carrier network operator in the PE devices. Alternatively, it can be learnt automatically at the PE devices based on the VIDs included in the tagged frames received from the CE devices, as disclosed in our co-pending patent application, filed on Jan. 22, 2002 under priority of the European application EP 01403179.3, entitled “Methods of establishing virtual circuits and of providing a virtual private network service through a shared network, and provider edge device for such network”, the contents of which is incorporated herein by reference. In both cases, the VIDs have finally to be stored in a configuration table of the corresponding PE devices.
- FIG. 2 shows an exemplary distribution of VLAN identifiers in the relation to configuration of FIG. 1. On the figure, at most two CEs per VPN use a same VLAN identifier, which is consistent with a point-to-point service (in this example, there is one CE device for (VPN-id, VID)=(x, 2), (y, 7) or (y, 9), and two CE devices for (VPN-id, VID)=(x, 3), (x, 5) or (y, 3)).
- A PE device, say PE-1, must be able to forward incoming traffic from a CE device connected to one of its CE interfaces, say CE-A, over the
carrier network 10, to a second CE interface of another PE device, say PE-3, having the same VID and the same VPN-id as said first CE interface of PE-1. The second CE interface leads to CE-D on the example drawn on FIGS. 1-2, since both considered CE interfaces have a common pair (VPN-id, VID)=(x,3). - For this purpose, a virtual connection must be established between CE-A and CE-D, through PE-1 and PE-3 and over the
carrier network 10. This can be done through any signaling protocol suitable to set up LSPs, such as LDP (Label Distribution Protocol, see RFC 3036 published in January 2001 by the IETF), RSVP (Resource reSerVation Protocol, see RFC 2205 published in September 1997 by the IETF), etc. LDP is a preferred protocol, and will be more particularly considered in the following. - RFC 3036 describes the LSPs set up procedure. For instance, it can be performed by a PE device with an extended discovery mechanism as described in section 2.4.2. This mechanism consists for a device in sending UDP (User Datagram Protocol) packets periodically to a specific address, which is typically the address of another device. The latter can choose to respond in the same way. An LDP session is then established between the devices. The above-mentioned Internet Draft draft-martini-I2circuit-trans-mpls-08.txt, which is incorporated herein by reference, defines a specific element to perform the connection of the PE devices in the context of the transport of L2 VPN frames over MPLS. This element is included in exchanged packets between both PE devices. It is a 128 bits element, wherein a 32 bits field represents the virtual connection (VC) identifier. A PE device receiving a VC identifier value from another PE device, compares it with its own VC identifiers, that is to say the VC identifiers it has been provided with. When VC identifiers match between both PE devices, a virtual connection is established between them. At the same time, VC-labels can be allocated for the two ways as described in the RFC 3036 and they are stored by each PE device, in relation to a CE interface and a VLAN allocated to this CE interface.
- Later, the virtual connection will be used to transport Ethernet frames between CE devices connected to the corresponding PE devices. And the respectively originating and terminating PE devices will respectively push and pop the VC-labels they have stored during the LDP session.
- It can be noted that a virtual connection can be established even between two CE interfaces belonging to a unique PE device.
- In a prior art method, the VC identifiers are provided to each PE device, for example during a manual configuration stage, in such a way that two PE devices, that have at least a CE interface allocated to a same VPN and likely to carry traffic of a same VLAN, must share a common VC identifier. For instance, referring back to FIGS.1-2, CE-A and CE-D have a common pair (VPN-id, VID), so PE-1 and PE-3, they are connected to through CE interfaces, must be provided with a common VC identifier for the virtual connection between CE-A and CE-D.
- FIG. 3 shows the VCs established for the network of FIGS.1-2, that require a specific VC identifier (VC-id) in the corresponding PE devices: a VC in dashed lines between PE-1 and PE-3 for communication of tagged frames of VPN x with VID=3 between CE-A and CE-D; a VC in dashed lines between PE-2 and PE-3 for communication of tagged frames of VPN x with VID=5 between CE-C and CE-D; and a VC in dashed-and-dot lines between PE-1 and PE-3 for communication of tagged frames of VPN y with VID=3 between CE-A and CE-E.
- A PE device must thus be aware of many parameters during or after a configuration stage, that can be long and likely to contain errors, especially if it consists in filling a configuration table manually. Indeed, in this case, a provider must configure for each PE device and for each of its CE interfaces, the following entries:
- a port number,
- a VPN-id,
- a list of VIDs (if not learnt by the PE device by tagged frames exchange),
- a VC-id per VLAN,
- an incoming VC-label per VLAN,
- an outgoing VC-label per VLAN.
- It must also maintain the tables after an event that could change some value.
- The invention maps the VC-id parameter with other configured parameters in order to reduce and simplify the provisioning. As a virtual connection is aimed at transporting frames inside a VLAN of a VPN over the carrier network, the associated parameter VC-id can be determined from the corresponding pair (VPN-id, VID). The VC-id can be defined for example as a concatenation of the corresponding (VPN-id, VID).
- FIG. 3 shows the VC-ids provided in the network of FIGS.1-2. The VC used for transporting frames of
VLAN # 3 over the carrier network between CE-A and CE-D has VC-id=(x, 3). The one used for transporting frames ofVLAN # 3 between CE-B and CE-E has VC-id=(y, 3). The one used for transporting frames ofVLAN # 5 between CE-C and CE-D has VC-id=(x, 5). - During a configuration stage, the provider does not fill in the VC-id fields in a PE device configuration table. It does not need to ensure a mapping between two customers, with the same (VPN-id, VID), connected to two different PE devices. The VC-id is indeed automatically obtained by concatenating the fields (VPN-id, VID), previously provided.
- If provisioning is performed by learning, each time a VID is discovered, a corresponding VC-id is determined from said VID and the adequate VPN-id (already known by the PE-device).
- There is no ambiguity by determining a VC-id from a pair (VPN-id, VID), because a PE device precisely switches tagged frames from a CE interface according to the VID included in the tag, within the corresponding VPN.
- It is also a guarantee that two CE devices of the same VLAN but from different VPNs will not be interconnected, because the corresponding PE devices, they are connected to, will always have different VC-ids and then no virtual connection will be set up between them.
- A reuse of VIDs in different VPNs is possible, since only the pair (VPN-id, VID) identifies a VC-id.
- FIGS.4-6 show another example for a network delivering a ‘any to any’ service. Here, more than two CE devices of a common VPN are allowed to transfer traffic pertaining to the same VLAN. In the example, the CE interfaces between CE-A and PE-1, CE-D and PE-3, and CE-C and PE-2 are allocated to VPN x and use VID=3. According to the invention, the same VC-id=(x, 3) is used for the three VCs established between said CE interfaces two by two respectively, as shown in dashed lines on FIG. 6. If a frame tagged with VID=3 is sent by CE-A for instance, it is forwarded by PE-1 to both CE-C and CE-D, over the corresponding VCs, according to the VC-id=(x, 3).
- A format of VC-id is shown on FIG. 7 by way of example. The VC-id is coded on 32 bits, among which the 20 most significant bits represent the VPN-id and the 12 least significant bits the VID. This format gives the opportunity to provide service for 1,048,576 VPNs. A VPN can provide 4,096 VLANs which is quite comfortable, even for large service providers.
- The text of the abstract repeated below is hereby deemed incorporated in the description:
- A virtual private network (VPN) service is provided through a shared network infrastructure comprising a plurality of interconnected provider edge (PE) devices having customer edge (CE) interfaces. Some of the CE interfaces are allocated to a VPN supporting a plurality of virtual local area networks (VLANs) and are arranged for exchanging traffic data units with CE devices. Each traffic data unit includes a VLAN identifier. At least one virtual connection is established in the shared network infrastructure between two CE interfaces of different PE devices, allocated to said VPN, for forwarding traffic data units including a VLAN identifier. Said virtual connection (VC) has an identifier determined from said VLAN identifier and an identifier of said VPN.
Claims (16)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP02290317.3 | 2002-02-08 | ||
EP02290317 | 2002-02-08 | ||
EP02290317 | 2002-02-08 |
Publications (2)
Publication Number | Publication Date |
---|---|
US20030154259A1 true US20030154259A1 (en) | 2003-08-14 |
US6789121B2 US6789121B2 (en) | 2004-09-07 |
Family
ID=27635896
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/185,113 Expired - Fee Related US6789121B2 (en) | 2002-02-08 | 2002-06-28 | Method of providing a virtual private network service through a shared network, and provider edge device for such network |
Country Status (1)
Country | Link |
---|---|
US (1) | US6789121B2 (en) |
Cited By (35)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040047353A1 (en) * | 2002-07-12 | 2004-03-11 | Nec Corporation | Frame transfer method and node in network, and frame transfer program |
US20040088542A1 (en) * | 2002-11-06 | 2004-05-06 | Olivier Daude | Virtual private network crossovers based on certificates |
US20050213513A1 (en) * | 2004-03-25 | 2005-09-29 | Alcatel | Full mesh LSP and full mesh T-LDP provisioning between provider edge routers in support of Layer-2 and Layer-3 Virtual Private Network services |
US20060047851A1 (en) * | 2004-08-25 | 2006-03-02 | Cisco Technoloy, Inc. | Computer network with point-to-point pseudowire redundancy |
US20060111113A1 (en) * | 2002-10-17 | 2006-05-25 | Heikki Waris | Virtual private network with mobile nodes |
US20060130135A1 (en) * | 2004-12-10 | 2006-06-15 | Alcatel | Virtual private network connection methods and systems |
US20060184645A1 (en) * | 2005-02-14 | 2006-08-17 | Sylvain Monette | Method and nodes for performing bridging of data traffic over an access domain |
US20060245436A1 (en) * | 2005-04-28 | 2006-11-02 | Cisco Technology, Inc. | Comprehensive model for VPLS |
US20060245438A1 (en) * | 2005-04-28 | 2006-11-02 | Cisco Technology, Inc. | Metro ethernet network with scaled broadcast and service instance domains |
US20060245435A1 (en) * | 2005-04-28 | 2006-11-02 | Cisco Technology, Inc. | Scalable system and method for DSL subscriber traffic over an Ethernet network |
WO2006116923A1 (en) * | 2005-04-29 | 2006-11-09 | Huawei Technologies Co., Ltd. | A SWITCH SYSTEM AND METHOD FOR SWITCHING A WiMAX STREAM |
US20060268856A1 (en) * | 2005-05-31 | 2006-11-30 | Cisco Technology, Inc. | System and method for authentication of SP Ethernet aggregation networks |
US20060285500A1 (en) * | 2005-06-15 | 2006-12-21 | Booth Earl H Iii | Method and apparatus for packet loss detection |
US20070008982A1 (en) * | 2005-07-11 | 2007-01-11 | Cisco Technology, Inc. | Redundant pseudowires between Ethernet access domains |
US20070014290A1 (en) * | 2005-07-12 | 2007-01-18 | Cisco Technology, Inc. | Address resolution mechanism for ethernet maintenance endpoints |
US20070016947A1 (en) * | 2002-04-04 | 2007-01-18 | Joel Balissat | Method and system for securely scanning network traffic |
US20070025277A1 (en) * | 2005-08-01 | 2007-02-01 | Cisco Technology, Inc. | Optimal bridging over MPLS / IP through alignment of multicast and unicast paths |
US20070025276A1 (en) * | 2005-08-01 | 2007-02-01 | Cisco Technology, Inc. | Congruent forwarding paths for unicast and multicast traffic |
US20070076607A1 (en) * | 2005-09-14 | 2007-04-05 | Cisco Technology, Inc. | Quality of service based on logical port identifier for broadband aggregation networks |
US20070180514A1 (en) * | 2002-04-04 | 2007-08-02 | Joel Balissat | Multipoint server for providing secure, scaleable connections between a plurality of network devices |
US20070204339A1 (en) * | 2005-12-02 | 2007-08-30 | Alcatel | Virtual private network publish-subscribe multicast service |
US20080067128A1 (en) * | 2005-03-11 | 2008-03-20 | Centre National De La Recherche Scientifique | Fluid separation device |
US20080159311A1 (en) * | 2006-12-29 | 2008-07-03 | Ericsson Ab | Method of Providing Data |
US20080186980A1 (en) * | 2007-02-05 | 2008-08-07 | Koninklijke Kpn N.V. | VLAN numbering in access networks |
US20080285466A1 (en) * | 2007-05-19 | 2008-11-20 | Cisco Technology, Inc. | Interworking between MPLS/IP and Ethernet OAM mechanisms |
CN100446503C (en) * | 2005-03-22 | 2008-12-24 | 杭州华三通信技术有限公司 | Enhanced VPN network optimization method and apparatus |
US20090016365A1 (en) * | 2007-07-13 | 2009-01-15 | Cisco Technology, Inc. | Intra-domain and inter-domain bridging over MPLS using MAC distribution via border gateway protocol |
US20090028162A1 (en) * | 2003-09-03 | 2009-01-29 | At&T Intellectual Property I, L.P. | Method and system for automating membership discovery in a distributed computer network |
WO2009124591A1 (en) | 2008-04-10 | 2009-10-15 | Telefonaktiebolaget Lm Ericsson (Publ) | Setting up a virtual private network using virtual lan identifiers |
US20100002578A1 (en) * | 2006-10-09 | 2010-01-07 | Raoul Fiorone | Resiliency Schemes in Communications Networks |
US7715310B1 (en) | 2004-05-28 | 2010-05-11 | Cisco Technology, Inc. | L2VPN redundancy with ethernet access domain |
US8077709B2 (en) | 2007-09-19 | 2011-12-13 | Cisco Technology, Inc. | Redundancy at a virtual provider edge node that faces a tunneling protocol core network for virtual private local area network (LAN) service (VPLS) |
US20120281701A1 (en) * | 2003-07-29 | 2012-11-08 | At&T Intellectual Property I, L.P. (Formerly Sbc Knowledge Ventures, L.P.) | Broadband access for virtual private networks |
WO2012172319A1 (en) | 2011-06-15 | 2012-12-20 | Bae Systems Plc | Data transfer |
US8650285B1 (en) | 2011-03-22 | 2014-02-11 | Cisco Technology, Inc. | Prevention of looping and duplicate frame delivery in a network environment |
Families Citing this family (22)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8713185B2 (en) * | 2001-12-07 | 2014-04-29 | Rockstar Bidco, LP | Methods of establishing virtual circuits and of providing a virtual private network service through a shared network, and provider edge device for such network |
US7453888B2 (en) * | 2002-08-27 | 2008-11-18 | Alcatel Lucent | Stackable virtual local area network provisioning in bridged networks |
US8656050B2 (en) * | 2002-09-24 | 2014-02-18 | Alcatel Lucent | Methods and systems for efficiently configuring IP-based, virtual private networks |
US8923292B2 (en) | 2004-04-06 | 2014-12-30 | Rockstar Consortium Us Lp | Differential forwarding in address-based carrier networks |
US20050220096A1 (en) | 2004-04-06 | 2005-10-06 | Robert Friskney | Traffic engineering in frame-based carrier networks |
US7644317B1 (en) | 2004-06-02 | 2010-01-05 | Cisco Technology, Inc. | Method and apparatus for fault detection/isolation in metro Ethernet service |
US8422500B2 (en) | 2004-07-02 | 2013-04-16 | Rockstar Consortium Us Lp | VLAN support of differentiated services |
US7835370B2 (en) * | 2005-04-28 | 2010-11-16 | Cisco Technology, Inc. | System and method for DSL subscriber identification over ethernet network |
US7515542B2 (en) | 2005-07-12 | 2009-04-07 | Cisco Technology, Inc. | Broadband access note with a virtual maintenance end point |
US8902908B2 (en) * | 2006-05-02 | 2014-12-02 | Cisco Technology, Inc. | Support of a large number of VLANs in a bridged network |
US8085790B2 (en) * | 2006-07-14 | 2011-12-27 | Cisco Technology, Inc. | Ethernet layer 2 protocol packet switching |
US8144699B2 (en) * | 2006-11-21 | 2012-03-27 | Cisco Technology, Inc. | Auto-provisioning of network services over an ethernet access link |
US7646778B2 (en) * | 2007-04-27 | 2010-01-12 | Cisco Technology, Inc. | Support of C-tagged service interface in an IEEE 802.1ah bridge |
US8140654B2 (en) * | 2007-04-27 | 2012-03-20 | Futurewei Technologies, Inc. | Verifying management virtual local area network identifier provisioning consistency |
US8203943B2 (en) * | 2007-08-27 | 2012-06-19 | Cisco Technology, Inc. | Colored access control lists for multicast forwarding using layer 2 control protocol |
US7843917B2 (en) * | 2007-11-08 | 2010-11-30 | Cisco Technology, Inc. | Half-duplex multicast distribution tree construction |
US8743740B2 (en) * | 2008-04-08 | 2014-06-03 | At&T Intellectual Property I, L.P. | Methods and apparatus to implement a partial mesh virtual private local area network service |
US7796607B2 (en) * | 2008-05-30 | 2010-09-14 | At&T Intellectual Property I, L.P. | Scalable multiprotocol label switching based virtual private networks and methods to implement the same |
US8218454B2 (en) | 2009-09-21 | 2012-07-10 | At&T Intellectual Property I, L.P. | Methods and apparatus to implement scalable routing in network communication systems |
US8675494B2 (en) * | 2009-12-04 | 2014-03-18 | Brocade Communications Systems, Inc. | Conflict identification in label switched services |
US8988984B2 (en) * | 2011-02-04 | 2015-03-24 | Cisco Technology, Inc. | Designated forwarder election for VPLS with BGP-based MAC learning |
KR20130048095A (en) * | 2011-11-01 | 2013-05-09 | 한국전자통신연구원 | Apparatus and method for controlling vpn service |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20010034758A1 (en) * | 2000-02-24 | 2001-10-25 | Dan Kikinis | Virtual private network (VPN) for servicing home gateway system through external disk management |
US20030108051A1 (en) * | 2001-12-07 | 2003-06-12 | Simon Bryden | Address resolution method for a virtual private network, and customer edge device for implementing the method |
US20030110268A1 (en) * | 2001-12-07 | 2003-06-12 | Francois Kermarec | Methods of establishing virtual circuits and of providing a virtual private network service through a shared network, and provider edge device for such network |
US6654347B1 (en) * | 1999-10-22 | 2003-11-25 | Dell Usa L.P. | Site-to-site dynamic virtual local area network |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1318631B1 (en) * | 2001-12-07 | 2005-12-21 | Nortel Networks Limited | Address resolution method for a virtual private network, and customer edge device for implementing the method |
FI20021161A (en) * | 2002-06-14 | 2003-12-15 | Sonera Oyj | Method of transmitting a local network user data in a data transfer device and a local network system |
-
2002
- 2002-06-28 US US10/185,113 patent/US6789121B2/en not_active Expired - Fee Related
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6654347B1 (en) * | 1999-10-22 | 2003-11-25 | Dell Usa L.P. | Site-to-site dynamic virtual local area network |
US20010034758A1 (en) * | 2000-02-24 | 2001-10-25 | Dan Kikinis | Virtual private network (VPN) for servicing home gateway system through external disk management |
US20030108051A1 (en) * | 2001-12-07 | 2003-06-12 | Simon Bryden | Address resolution method for a virtual private network, and customer edge device for implementing the method |
US20030110268A1 (en) * | 2001-12-07 | 2003-06-12 | Francois Kermarec | Methods of establishing virtual circuits and of providing a virtual private network service through a shared network, and provider edge device for such network |
Cited By (74)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070016947A1 (en) * | 2002-04-04 | 2007-01-18 | Joel Balissat | Method and system for securely scanning network traffic |
US7448081B2 (en) | 2002-04-04 | 2008-11-04 | At&T Intellectual Property Ii, L.P. | Method and system for securely scanning network traffic |
US7543332B2 (en) | 2002-04-04 | 2009-06-02 | At&T Corporation | Method and system for securely scanning network traffic |
US7562386B2 (en) | 2002-04-04 | 2009-07-14 | At&T Intellectual Property, Ii, L.P. | Multipoint server for providing secure, scaleable connections between a plurality of network devices |
US20070180514A1 (en) * | 2002-04-04 | 2007-08-02 | Joel Balissat | Multipoint server for providing secure, scaleable connections between a plurality of network devices |
US20070169187A1 (en) * | 2002-04-04 | 2007-07-19 | Joel Balissat | Method and system for securely scanning network traffic |
US8136152B2 (en) | 2002-04-04 | 2012-03-13 | Worcester Technologies Llc | Method and system for securely scanning network traffic |
US20040047353A1 (en) * | 2002-07-12 | 2004-03-11 | Nec Corporation | Frame transfer method and node in network, and frame transfer program |
US20060111113A1 (en) * | 2002-10-17 | 2006-05-25 | Heikki Waris | Virtual private network with mobile nodes |
US20040088542A1 (en) * | 2002-11-06 | 2004-05-06 | Olivier Daude | Virtual private network crossovers based on certificates |
US7574738B2 (en) * | 2002-11-06 | 2009-08-11 | At&T Intellectual Property Ii, L.P. | Virtual private network crossovers based on certificates |
US20130308643A1 (en) * | 2003-07-29 | 2013-11-21 | At&T Intellectual Property I, L.P. | Broadband access for virtual private networks |
US20120281701A1 (en) * | 2003-07-29 | 2012-11-08 | At&T Intellectual Property I, L.P. (Formerly Sbc Knowledge Ventures, L.P.) | Broadband access for virtual private networks |
US10313306B2 (en) | 2003-07-29 | 2019-06-04 | Marlow Technologies, Llc | Broadband access for virtual private networks |
US11240206B2 (en) | 2003-07-29 | 2022-02-01 | Marlow Technologies, Llc | Broadband access for virtual private networks |
US8942240B2 (en) * | 2003-07-29 | 2015-01-27 | Marlow Technologies, Llc | Broadband access for virtual private networks |
US8520681B2 (en) * | 2003-07-29 | 2013-08-27 | At&T Intellectual Property I, L.P. | Broadband access for virtual private networks |
US9467373B2 (en) | 2003-07-29 | 2016-10-11 | Marlow Technologies, Llc | Broadband access for virtual private networks |
US8098665B2 (en) * | 2003-09-03 | 2012-01-17 | At&T Intellectual Property I, L.P. | Method and system for automating membership discovery in a distributed computer network |
US20090028162A1 (en) * | 2003-09-03 | 2009-01-29 | At&T Intellectual Property I, L.P. | Method and system for automating membership discovery in a distributed computer network |
US7436782B2 (en) * | 2004-03-25 | 2008-10-14 | Alcatel Lucent | Full mesh LSP and full mesh T-LDP provisioning between provider edge routers in support of Layer-2 and Layer-3 virtual private network services |
US20050213513A1 (en) * | 2004-03-25 | 2005-09-29 | Alcatel | Full mesh LSP and full mesh T-LDP provisioning between provider edge routers in support of Layer-2 and Layer-3 Virtual Private Network services |
US7715310B1 (en) | 2004-05-28 | 2010-05-11 | Cisco Technology, Inc. | L2VPN redundancy with ethernet access domain |
US7643409B2 (en) | 2004-08-25 | 2010-01-05 | Cisco Technology, Inc. | Computer network with point-to-point pseudowire redundancy |
US20060047851A1 (en) * | 2004-08-25 | 2006-03-02 | Cisco Technoloy, Inc. | Computer network with point-to-point pseudowire redundancy |
US20060130135A1 (en) * | 2004-12-10 | 2006-06-15 | Alcatel | Virtual private network connection methods and systems |
US20060184645A1 (en) * | 2005-02-14 | 2006-08-17 | Sylvain Monette | Method and nodes for performing bridging of data traffic over an access domain |
US7801039B2 (en) * | 2005-02-14 | 2010-09-21 | Telefonaktiebolaget Lm Ericsson (Publ) | Method and nodes for performing bridging of data traffic over an access domain |
US20080067128A1 (en) * | 2005-03-11 | 2008-03-20 | Centre National De La Recherche Scientifique | Fluid separation device |
CN100446503C (en) * | 2005-03-22 | 2008-12-24 | 杭州华三通信技术有限公司 | Enhanced VPN network optimization method and apparatus |
US9088669B2 (en) * | 2005-04-28 | 2015-07-21 | Cisco Technology, Inc. | Scalable system and method for DSL subscriber traffic over an Ethernet network |
US20060245436A1 (en) * | 2005-04-28 | 2006-11-02 | Cisco Technology, Inc. | Comprehensive model for VPLS |
US20060245438A1 (en) * | 2005-04-28 | 2006-11-02 | Cisco Technology, Inc. | Metro ethernet network with scaled broadcast and service instance domains |
US8213435B2 (en) | 2005-04-28 | 2012-07-03 | Cisco Technology, Inc. | Comprehensive model for VPLS |
US9967371B2 (en) | 2005-04-28 | 2018-05-08 | Cisco Technology, Inc. | Metro ethernet network with scaled broadcast and service instance domains |
US20060245435A1 (en) * | 2005-04-28 | 2006-11-02 | Cisco Technology, Inc. | Scalable system and method for DSL subscriber traffic over an Ethernet network |
US8194656B2 (en) | 2005-04-28 | 2012-06-05 | Cisco Technology, Inc. | Metro ethernet network with scaled broadcast and service instance domains |
CN100420236C (en) * | 2005-04-29 | 2008-09-17 | 华为技术有限公司 | Switching system for WiMAX flows |
WO2006116923A1 (en) * | 2005-04-29 | 2006-11-09 | Huawei Technologies Co., Ltd. | A SWITCH SYSTEM AND METHOD FOR SWITCHING A WiMAX STREAM |
US20060268856A1 (en) * | 2005-05-31 | 2006-11-30 | Cisco Technology, Inc. | System and method for authentication of SP Ethernet aggregation networks |
US8094663B2 (en) | 2005-05-31 | 2012-01-10 | Cisco Technology, Inc. | System and method for authentication of SP ethernet aggregation networks |
US7773611B2 (en) * | 2005-06-15 | 2010-08-10 | Cisco Technology, Inc. | Method and apparatus for packet loss detection |
US20060285500A1 (en) * | 2005-06-15 | 2006-12-21 | Booth Earl H Iii | Method and apparatus for packet loss detection |
US8175078B2 (en) | 2005-07-11 | 2012-05-08 | Cisco Technology, Inc. | Redundant pseudowires between Ethernet access domains |
US20070008982A1 (en) * | 2005-07-11 | 2007-01-11 | Cisco Technology, Inc. | Redundant pseudowires between Ethernet access domains |
US8625412B2 (en) | 2005-07-11 | 2014-01-07 | Cisco Technology, Inc. | Redundant pseudowires between ethernet access domains |
US7889754B2 (en) | 2005-07-12 | 2011-02-15 | Cisco Technology, Inc. | Address resolution mechanism for ethernet maintenance endpoints |
US20070014290A1 (en) * | 2005-07-12 | 2007-01-18 | Cisco Technology, Inc. | Address resolution mechanism for ethernet maintenance endpoints |
US20070025277A1 (en) * | 2005-08-01 | 2007-02-01 | Cisco Technology, Inc. | Optimal bridging over MPLS / IP through alignment of multicast and unicast paths |
US8169924B2 (en) | 2005-08-01 | 2012-05-01 | Cisco Technology, Inc. | Optimal bridging over MPLS/IP through alignment of multicast and unicast paths |
US7855950B2 (en) | 2005-08-01 | 2010-12-21 | Cisco Technology, Inc. | Congruent forwarding paths for unicast and multicast traffic |
US20070025276A1 (en) * | 2005-08-01 | 2007-02-01 | Cisco Technology, Inc. | Congruent forwarding paths for unicast and multicast traffic |
US9088619B2 (en) | 2005-09-14 | 2015-07-21 | Cisco Technology, Inc. | Quality of service based on logical port identifier for broadband aggregation networks |
US20070076607A1 (en) * | 2005-09-14 | 2007-04-05 | Cisco Technology, Inc. | Quality of service based on logical port identifier for broadband aggregation networks |
US7797382B2 (en) * | 2005-12-02 | 2010-09-14 | Alcatel Lucent | Virtual private network publish-subscribe multicast service |
US20070204339A1 (en) * | 2005-12-02 | 2007-08-30 | Alcatel | Virtual private network publish-subscribe multicast service |
US20100002578A1 (en) * | 2006-10-09 | 2010-01-07 | Raoul Fiorone | Resiliency Schemes in Communications Networks |
US8787150B2 (en) | 2006-10-09 | 2014-07-22 | Telefonaktiebolaget L M Ericsson (Publ) | Resiliency schemes in communications networks |
US20080159311A1 (en) * | 2006-12-29 | 2008-07-03 | Ericsson Ab | Method of Providing Data |
US8964768B2 (en) | 2007-02-05 | 2015-02-24 | Koninklijke Kpn N.V. | VLAN numbering in access networks |
US8340107B2 (en) * | 2007-02-05 | 2012-12-25 | Koninklijke Kpn N.V. | VLAN numbering in access networks |
US20080186980A1 (en) * | 2007-02-05 | 2008-08-07 | Koninklijke Kpn N.V. | VLAN numbering in access networks |
US20080285466A1 (en) * | 2007-05-19 | 2008-11-20 | Cisco Technology, Inc. | Interworking between MPLS/IP and Ethernet OAM mechanisms |
US8804534B2 (en) | 2007-05-19 | 2014-08-12 | Cisco Technology, Inc. | Interworking between MPLS/IP and Ethernet OAM mechanisms |
US20090016365A1 (en) * | 2007-07-13 | 2009-01-15 | Cisco Technology, Inc. | Intra-domain and inter-domain bridging over MPLS using MAC distribution via border gateway protocol |
US9225640B2 (en) | 2007-07-13 | 2015-12-29 | Cisco Technology, Inc. | Intra-domain and inter-domain bridging over MPLS using MAC distribution via border gateway protocol |
US8531941B2 (en) | 2007-07-13 | 2013-09-10 | Cisco Technology, Inc. | Intra-domain and inter-domain bridging over MPLS using MAC distribution via border gateway protocol |
US8077709B2 (en) | 2007-09-19 | 2011-12-13 | Cisco Technology, Inc. | Redundancy at a virtual provider edge node that faces a tunneling protocol core network for virtual private local area network (LAN) service (VPLS) |
US20110032843A1 (en) * | 2008-04-10 | 2011-02-10 | Oktavian Papp | Setting up a virtual private network using virtual lan identifiers |
WO2009124591A1 (en) | 2008-04-10 | 2009-10-15 | Telefonaktiebolaget Lm Ericsson (Publ) | Setting up a virtual private network using virtual lan identifiers |
US8650286B1 (en) | 2011-03-22 | 2014-02-11 | Cisco Technology, Inc. | Prevention of looping and duplicate frame delivery in a network environment |
US8650285B1 (en) | 2011-03-22 | 2014-02-11 | Cisco Technology, Inc. | Prevention of looping and duplicate frame delivery in a network environment |
US10404792B2 (en) | 2011-06-15 | 2019-09-03 | Bae Systems Plc | Data transfer |
WO2012172319A1 (en) | 2011-06-15 | 2012-12-20 | Bae Systems Plc | Data transfer |
Also Published As
Publication number | Publication date |
---|---|
US6789121B2 (en) | 2004-09-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6789121B2 (en) | Method of providing a virtual private network service through a shared network, and provider edge device for such network | |
US9065680B2 (en) | Methods of establishing virtual circuits and of providing a virtual private network service through a shared network, and provider edge device for such network | |
US7221675B2 (en) | Address resolution method for a virtual private network, and customer edge device for implementing the method | |
EP1713197B1 (en) | A method for implementing the virtual leased line | |
US7532630B2 (en) | Generalized layer-2 VPNs | |
US7782841B2 (en) | Method and system for transporting data using pseudowire circuits over a bridged network | |
EP1563644B1 (en) | System and method for interconnecting heterogeneous layer 2 vpn applications | |
EP2227883B1 (en) | Setting up a virtual private network | |
US20040165600A1 (en) | Customer site bridged emulated LAN services via provider provisioned connections | |
JP2005341591A (en) | Virtual private network, and multi-service provisioning platform and method | |
JP2005341583A (en) | Virtual private network, and multi-service provisioning platform and method | |
WO2005101730A1 (en) | A system and method of ensuring quality of service in virtual private network | |
KR20040019129A (en) | A Method of Setting the QoS supported bi-directional Tunnel and distributing L2 VPN membership Information for L2VPN using LDP-extension | |
EP2087419B1 (en) | Supporting bgp based ip-vpn in a routed network | |
WO2006002598A1 (en) | A vpn system of a hybrid-site hybrid backbone network and an implementing method thereof | |
US20150146573A1 (en) | Apparatus and method for layer-2 and layer-3 vpn discovery | |
EP1318631B1 (en) | Address resolution method for a virtual private network, and customer edge device for implementing the method | |
Finlayson et al. | VPN Technologies-a comparison | |
Joseph et al. | Network convergence: Ethernet applications and next generation packet transport architectures | |
Brittain et al. | MPLS virtual private networks | |
Kompella et al. | Layer 2 virtual private networks using BGP for auto-discovery and signaling | |
KR20050060284A (en) | Method for constructing virtual private network | |
Kompella et al. | RFC 6624: Layer 2 Virtual Private Networks Using BGP for Auto-Discovery and Signaling | |
Farrel et al. | MPLS VIRTUAL PRIVATE NETWORKS | |
Cherukuri | Network Working Group K. Kompella Internet-Draft Juniper Networks Intended status: Informational B. Kothari Expires: July 15, 2012 Cisco Systems |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: NORTEL NETWORKS LIMITED, CANADA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:LAMBERTON, MARC;MOUQUE, ERIC;KERMAREC, FRANCOIS;REEL/FRAME:013212/0832;SIGNING DATES FROM 20020326 TO 20020605 |
|
FPAY | Fee payment |
Year of fee payment: 4 |
|
AS | Assignment |
Owner name: ROCKSTAR BIDCO, LP, NEW YORK Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:NORTEL NETWORKS LIMITED;REEL/FRAME:027164/0356 Effective date: 20110729 |
|
FPAY | Fee payment |
Year of fee payment: 8 |
|
AS | Assignment |
Owner name: ROCKSTAR CONSORTIUM US LP, TEXAS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:ROCKSTAR BIDCO, LP;REEL/FRAME:032168/0750 Effective date: 20120509 |
|
AS | Assignment |
Owner name: BOCKSTAR TECHNOLOGIES LLC, DELAWARE Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:ROCKSTAR CONSORTIUM US LP;REEL/FRAME:032399/0116 Effective date: 20131113 |
|
AS | Assignment |
Owner name: RPX CLEARINGHOUSE LLC, CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:ROCKSTAR CONSORTIUM US LP;ROCKSTAR CONSORTIUM LLC;BOCKSTAR TECHNOLOGIES LLC;AND OTHERS;REEL/FRAME:034924/0779 Effective date: 20150128 |
|
AS | Assignment |
Owner name: JPMORGAN CHASE BANK, N.A., AS COLLATERAL AGENT, IL Free format text: SECURITY AGREEMENT;ASSIGNORS:RPX CORPORATION;RPX CLEARINGHOUSE LLC;REEL/FRAME:038041/0001 Effective date: 20160226 |
|
REMI | Maintenance fee reminder mailed | ||
LAPS | Lapse for failure to pay maintenance fees | ||
STCH | Information on status: patent discontinuation |
Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362 |
|
FP | Lapsed due to failure to pay maintenance fee |
Effective date: 20160907 |
|
AS | Assignment |
Owner name: RPX CORPORATION, CALIFORNIA Free format text: RELEASE (REEL 038041 / FRAME 0001);ASSIGNOR:JPMORGAN CHASE BANK, N.A.;REEL/FRAME:044970/0030 Effective date: 20171222 Owner name: RPX CLEARINGHOUSE LLC, CALIFORNIA Free format text: RELEASE (REEL 038041 / FRAME 0001);ASSIGNOR:JPMORGAN CHASE BANK, N.A.;REEL/FRAME:044970/0030 Effective date: 20171222 |